Bug 6694: Problem with casAuthentication syspref
A missing test in checkauth caused anonymous session to be destroyed and re-created at every call when this syspref was set. Almost the same issue is also fixed in check_api_auth, which caused C4::Service->init to fail. Signed-off-by: Alex Arnaud <alex.arnaud@biblibre.com> Signed-off-by: Paul Poulain <paul.poulain@biblibre.com>
This commit is contained in:
Julian Maurice
Paul Poulain
parent
ceb5757573
commit
8ffbf4e88c
1 changed files with 4 additions and 3 deletions
|
|
@ -688,7 +688,8 @@ sub checkauth {
|
|||
$userid = $session->param('id');
|
||||
$sessiontype = $session->param('sessiontype');
|
||||
}
|
||||
if ( ($query->param('koha_login_context')) && ($query->param('userid') ne $session->param('id')) ) {
|
||||
if ( ( ($query->param('koha_login_context')) && ($query->param('userid') ne $session->param('id')) )
|
||||
|| ( $cas && $query->param('ticket') ) ) {
|
||||
#if a user enters an id ne to the id in the current session, we need to log them in...
|
||||
#first we need to clear the anonymous session...
|
||||
$debug and warn "query id = " . $query->param('userid') . " but session id = " . $session->param('id');
|
||||
|
|
@ -751,7 +752,7 @@ sub checkauth {
|
|||
C4::Context->_new_userenv($sessionID);
|
||||
$cookie = $query->cookie(CGISESSID => $sessionID);
|
||||
$userid = $query->param('userid');
|
||||
if ($cas || $userid) {
|
||||
if (($cas && $query->param('ticket')) || $userid) {
|
||||
my $password = $query->param('password');
|
||||
my ($return, $cardnumber);
|
||||
if ($cas && $query->param('ticket')) {
|
||||
|
|
@ -1117,7 +1118,7 @@ sub check_api_auth {
|
|||
unless ($query->param('userid')) {
|
||||
$sessionID = $query->cookie("CGISESSID");
|
||||
}
|
||||
if ($sessionID && not $cas) {
|
||||
if ($sessionID && not ($cas && $query->param('PT')) ) {
|
||||
my $session = get_session($sessionID);
|
||||
C4::Context->_new_userenv($sessionID);
|
||||
if ($session) {
|
||||
|
|
|
|||
Loading…
Reference in a new issue